Somewhere in the ~1000 random items and papers scattered about my workspace, there are notes that correlate to passwords. If you think you can recognize and interpret them, have at it. Worst case, you'll leave my workspace a bit tidier than you found it.

Great against a brute force attack, not so good against a dictionary based attack.

Really? Even if you know that the password is composed of four words from a dictionary, you're not going to get anywhere. Remember, you're still producing a single hash from it. Dictionary attacks based on single-word vocabulary (including simple variants like upper/lowercase, digit substitution, etc.) are marginally practical at present. Expanding to four-word sequences would raise the size of your dictionary to the fourth power. Not going to happen anytime soon.

Brute force is basically trying every possible combination of characters from a given set. (EX, starting with AAAAA and ending with ZZZZZ for a 5 digit alpha numeric password that's all in caps.

With brute force, you will eventually get the password, but due to the nature of brute force, it might take essentially forever to get to a given password.

A dictionary attack instead uses words from the dictionary arranged in certain orders. It's a smaller space of possible combinations so you get better results.

The hit rate even increases when you run the dictionary words through common transformations (IE, substitute 3 for E, a 1 for I, etc).

//whenever passwords are released, groups (both white and black hat) have competitions to see who can crack the largest number of passwords. There are a few interesting writeups that go through the methods that they use and what percentage of the passwords were compromised by each method.

Great against a brute force attack, not so good against a dictionary based attack.

Really? Even if you know that the password is composed of four words from a dictionary, you're not going to get anywhere. Remember, you're still producing a single hash from it. Dictionary attacks based on single-word vocabulary (including simple variants like upper/lowercase, digit substitution, etc.) are marginally practical at present. Expanding to four-word sequences would raise the size of your dictionary to the fourth power. Not going to happen anytime soon.

Actually, there's been some impressive cracking work using Wikipedia as a dictionary for source phrases.

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

Me thinks you're not very good at math. With something like 176K words in the English language, that would leave 176K ** 4 = 959,512,576,000,000,000,000 (960 quintillion) possibilities. Just for dictionary attacks, which isn't even factoring replacing characters or using a different language or using forms of slang, etc.

The fastest password crackers (using GPUs) can go at around a billion entries a second, which is impressive, but doesn't even make a dent into entropy like THAT.

blue_2501: Me thinks you're not very good at math. With something like 176K words in the English language, that would leave 176K ** 4 = 959,512,576,000,000,000,000 (960 quintillion) possibilities. Just for dictionary attacks, which isn't even factoring replacing characters or using a different language or using forms of slang, etc.

The problem is, people don't tend to use every possible word in the dictionary in their passwords, they mostly use common words.

If you shape the attack, you can get a high percentage of the passwords without making the target space huge.

// This is especially true if you get a large list of decrypted passwords from a given source. Because then those millions of passwords get added to the shaped attack (because they are passwords that were already known to be used in the wild ... and people love to reuse passwords).

Great against a brute force attack, not so good against a dictionary based attack.

Really? Even if you know that the password is composed of four words from a dictionary, you're not going to get anywhere. Remember, you're still producing a single hash from it. Dictionary attacks based on single-word vocabulary (including simple variants like upper/lowercase, digit substitution, etc.) are marginally practical at present. Expanding to four-word sequences would raise the size of your dictionary to the fourth power. Not going to happen anytime soon.

Actually, there's been some impressive cracking work using Wikipedia as a dictionary for source phrases.

Pass phrases can be more secure than passwords, but you have to use them properly.

English has grammar: some words are "supposed" to follow others, and "not supposed" to follow yet others. That's why you shouldn't use sentences as pass phrases: they decrease the entropy of the password, because you can cut out large parts of the dictionary at every step. You should jumble up random words instead.

The other big thing is that you need to make sure that at least one word on your list is not among the 1500 most common English words. This is hard if you're doing it in your head: people suck at picking random words. Better to use something like Diceware, which gives the advantage of giving you a legitimate reason to keep 5d6 on your desk.

How about a fairly unusual english language word, that is relatively long (lets say 9 letters) with an intentional mis-spelling, and one number and one symbol thrown in at the beginning and end?

Would that be better or worse than correct horse battery staple?

/Part of me wishes I had gone into a crypto path in college and career...always loved codes and breaking them//Girl in 8th grade signed a buddies yearbook in some "wiccan code"...it looked like a replacement code at first glance, so I spent the next 30 minutes of class trying to crack it, with complete success/"Sequences and Series" was far and away my favorite part of calculus

my_cats_breath_smells_like_cat_food:How about a fairly unusual english language word, that is relatively long (lets say 9 letters) with an intentional mis-spelling, and one number and one symbol thrown in at the beginning and end?

Would that be better or worse than correct horse battery staple?

/Part of me wishes I had gone into a crypto path in college and career...always loved codes and breaking them//Girl in 8th grade signed a buddies yearbook in some "wiccan code"...it looked like a replacement code at first glance, so I spent the next 30 minutes of class trying to crack it, with complete success/"Sequences and Series" was far and away my favorite part of calculus

Oh, and for the theoretical password I am describing, I guess an example would be " &7Francisko6^ " if that helps.

A password is "strong enough" when a hacker, thinking he's gotten enough passwords out of his stolen list, stops his cracking program before it's done with yours. You can't know when this will happen, so you've got no choice but to make your password as strong as you can, but once the process has begun, that's really what matters. You don't have to beat the cracking program, only an attacker's patience.

The RockYou breach was God's gift to people who use mediocre passwords. Its list became the go-to symbol library for password crackers, and the Adobe list will probably be merged with it or replace it entirely, and so as long as your password is not on that list (and isn't a too-easily-guessed derivative of something that is on the list), chances are you'll be safe for a long time to come.

Formatting weakens passwords. It even weakens "correct horse battery staple," which is why it's only got 44 bits of entropy instead of 232.

Starting with an uncommon English word gets you about 19 bits of entropy, assuming /usr/share/dict/words as your symbol library (479,829 possibilities, and "Francisco" is in fact part of the list). Your symbols only get you another 6-8 bits, so you're up to 27 total.

The intentional misspelling gives you some strength: maybe more than the number/symbol pairings do, in fact. But even so, it can only give you so much: if we assume 256 credible misspellings of a word, that's still only 8 bits, giving you a total of 35. CHBS's 44 bits beats that.

(Incidentally, the reason CBHS has only 44 bits of entropy is that Munroe used a much shorter word list than mine. He seems to have used a list of 1500 common English words).

my_cats_breath_smells_like_cat_food:How about a fairly unusual english language word, that is relatively long (lets say 9 letters) with an intentional mis-spelling, and one number and one symbol thrown in at the beginning and end?

Would that be better or worse than correct horse battery staple?

/Part of me wishes I had gone into a crypto path in college and career...always loved codes and breaking them//Girl in 8th grade signed a buddies yearbook in some "wiccan code"...it looked like a replacement code at first glance, so I spent the next 30 minutes of class trying to crack it, with complete success/"Sequences and Series" was far and away my favorite part of calculus

Intentional misspellings (that aren't common misspellings) are probably good, especially if they are completely different letters instead of phonetically similar letters (plus your example is probably part of a place name so would be in a dictionary attack). Adding a couple of random characters/numbers/symbols onto the beginning/end of a word increases things somewhat in complexity, but most common combinations like that will be part of a hybrid attack (dictionary attack augmented by brute forcing different formats of additions and alterations to a single root password).

Existing phrases tend to be pretty weak passwords, as they probably show up in imdb, gutenberg, wikipedia, or wherever, so any hacker that has a dictionary farmed from such sources will break such types of password relatively quickly.

The reason for suggesting the "correct horse battery staple" style password is because it is relatively quick and reliable to type for most people that use computers regularly, and they tend to be relatively easy to remember as you are remembering four things (each word) instead of the five/six your example requires, but relatively hard for an attacker to work through all the possibilities due to multiplier effect. If we assume the hacker knows the format of our password for some reason, then your suggestion gives you about 20 possibilities for the special characters, 10 for the numbers, double it for not knowing the order, and then repeat for the end additions plus a dictionary search for the word, generally most words people use for a password (unless they get out a dictionary and go to a random page) will be hit within about 10000 tries, so you are talking about 100 million attempts to crack, plus whatever advantage your letter change gets you.

Conversely getting the first word of a non-predictable set of four words takes 10k attempts, getting the first two at the same time is 100m, getting your three words at the same time is 1 trillion and all four words at once is 10 quadrillion.

Basically the limitation of adding individual numbers and symbols is that each one doesn't add a lot of possibilities to a brute force attack for each part of the password you have to remember, whereas adding more words means an entire extra dictionary attack on each word you add.

Throwaway Password: It would take about 54 seconds to crack your password.Normal Password: It would take about 121 years to crack your password.Paranoid Password: It would take about 3902 years to crack your password.

// The paranoid password is over 15 characters - but I type 100 WPM and as per a previous post, my passwords are based on patterns on the keyboard.

// years of playing video games, entering codes, pulling off combos in fighting games, etc, my passwords are basically muscle memory. I don't even know what the actual characters are that I'm typing (since I can type, I don't look at the keyboard).

Alternate the casing and throw an exclamation mark on the front and end and you have a 19 character password that's easy to remember, but looks like complete jibberish and isn't going to get cracked anytime soon.

!234EsZxC678uHbNjY!

"It would take about 12486848136 years to crack your password."

// alternating the casing in a predictable pattern (EX, every other char, or just vowels, etc) makes the password less secure. But these passwords are already in the realm of ridiculous cracking time (for now) so carry on.

I see a lot of people posting about how their password is based on some kind of pattern. From what I've been reading lately, that probably isn't going to help. Password-cracking is getting scary-powerful. I'm questioning every password I've got. People are putting passwords into strength checkers and thinking their's is good enough if a brute force attack takes thousands of years. Nobody does naive brute force attacks anymore. Even "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" isn't safe anymore. Intel says it will take 1.2069884584481359e+57 years to crack but it has already been done.

[www.geekscribes.net image 620x261]There' that's a 17 character password right there.

Alternate the casing and throw an exclamation mark on the front and end and you have a 19 character password that's easy to remember, but looks like complete jibberish and isn't going to get cracked anytime soon.

!234EsZxC678uHbNjY!

"It would take about 12486848136 years to crack your password."

// alternating the casing in a predictable pattern (EX, every other char, or just vowels, etc) makes the password less secure. But these passwords are already in the realm of ridiculous cracking time (for now) so carry on.

Yeah, but who will be laughing when I finally crack your password in 12,486,848,136 years?! Ha! Gotcha!

Back when I worked as a computer repair guy, I once had a laptop computer running Vista that had a password on the user account. There wasn't any contact phone number on the workorder so I couldn't call the customer to ask for her password. I had an XP password cracker that just replaced the password with whatever I wanted but I didn't have something for Vista and I didn't want to waste time.

Her password hint was "maiden name" so I Googled her current name and the first match was the wedding announcement on the New York Times website from about six years before. Along with the photo of the young couple (the person who checked it in verified it was her), there was her password in plain sight: "Mr. and Mrs. McDonald are pleased to announce the marriage of their daughter Mary to..."

I typed "mcdonald" and I was in. I fixed whatever it was that needed fixing and she picked up her laptop a day or two later none the wiser.

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

That word isn't in the dictionary.

You're suggesting that a dictionary attack would attempt to combine English words?

OK, great idea professor. Even if we assume there to be 4 words from the start, that leaves 12117361000000000000000000000000 different combinations. (59million English words in the Webster dictionary).

Do you think that would take a little while to use a dictionary attack against, yes?

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

That word isn't in the dictionary.

You're suggesting that a dictionary attack would attempt to combine English words?

OK, great idea professor. Even if we assume there to be 4 words from the start, that leaves 12117361000000000000000000000000 different combinations. (59million English words in the Webster dictionary).

Do you think that would take a little while to use a dictionary attack against, yes?

Now it's a dictionary attack because the hacker/cracker is building their own dictionary of words to attempt (for example, taking lists of words revealed from security lists and adding them to their dictionary).

// using a dictionary is just a starting point. The whole idea though is to use lists of words/phrases that people are likely to use as their passwords (which is why using "correct horse battery staple" now is actually a bad idea because that phrase has likely been entered into ever hackers dictionary.

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

That word isn't in the dictionary.

You're suggesting that a dictionary attack would attempt to combine English words?

OK, great idea professor. Even if we assume there to be 4 words from the start, that leaves 12117361000000000000000000000000 different combinations. (59million English words in the Webster dictionary).

Do you think that would take a little while to use a dictionary attack against, yes?

Give this Ars Technica article a read. It was quite eye-opening: Link

I know the article.

I think you should read it again actually, because Horse Correct Battery Stable is not a sentence. It's 4 random words. Which brings us back to 12117361000000000000000000000000 different combinations using the English dictionary. And that's being generous and not allowing for each word to be case sensitive.

Now realise that the password is stored using a one-way hash, so you have to run the hash for each attempt. And thats if security is lax. Otherwise the hash is salted.

I'm sorry if I come across as lecturing you. I shouldn't, but rather the guy I replied to. Since you obviously read about the subject, and have a casual understanding. But the guy I replied to should know that the guy behing XKCD is a brilliant mathematician, ie. notice the subject of his comics. Attacking the logic behind his pasword suggestion is a bit, naíve.

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

That word isn't in the dictionary.

You're suggesting that a dictionary attack would attempt to combine English words?

OK, great idea professor. Even if we assume there to be 4 words from the start, that leaves 12117361000000000000000000000000 different combinations. (59million English words in the Webster dictionary).

Do you think that would take a little while to use a dictionary attack against, yes?

Give this Ars Technica article a read. It was quite eye-opening: Link

I know the article.

I think you should read it again actually, because Horse Correct Battery Stable is not a sentence. It's 4 random words. Which brings us back to 12117361000000000000000000000000 different combinations using the English dictionary. And that's being generous and not allowing for each word to be case sensitive.

Now realise that the password is stored using a one-way hash, so you have to run the hash for each attempt. And thats if security is lax. Otherwise the hash is salted.

I'm sorry if I come across as lecturing you. I shouldn't, but rather the guy I replied to. Since you obviously read about the subject, and have a casual understanding. But the guy I replied to should know that the guy behing XKCD is a brilliant mathematician, ie. notice the subject of his comics. Attacking the logic behind his pasword suggestion is a bit, naíve.

You keep throwing out big numbers like they matter. Sure there are lots of combinations of words but they aren't all equally probable. People are going to use words and phrases that are more familiar and that eats into your big number quite a bit.

Great against a brute force attack, not so good against a dictionary based attack. The bottom line is passwords suck for security.

That word isn't in the dictionary.

You're suggesting that a dictionary attack would attempt to combine English words?

OK, great idea professor. Even if we assume there to be 4 words from the start, that leaves 12117361000000000000000000000000 different combinations. (59million English words in the Webster dictionary).

Do you think that would take a little while to use a dictionary attack against, yes?

Give this Ars Technica article a read. It was quite eye-opening: Link

I know the article.

I think you should read it again actually, because Horse Correct Battery Stable is not a sentence. It's 4 random words. Which brings us back to 12117361000000000000000000000000 different combinations using the English dictionary. And that's being generous and not allowing for each word to be case sensitive.

Now realise that the password is stored using a one-way hash, so you have to run the hash for each attempt. And thats if security is lax. Otherwise the hash is salted.

I'm sorry if I come across as lecturing you. I shouldn't, but rather the guy I replied to. Since you obviously read about the subject, and have a casual understanding. But the guy I replied to should know that the guy behing XKCD is a brilliant mathematician, ie. notice the subject of his comics. Attacking the logic behind his pasword suggestion is a bit, naíve.

You keep throwing out big numbers like they matter. Sure there are lots of combinations of words but they aren't all equally probable. People are going to use words and phrases that are more familiar and that eats into your big number quite a bit.

I am in no way an expert but I think part of the security is from not putting spaces between the words, so that a potential cracker can't know he is trying to hack 4 words, it is just one long ass string of letters that isn't a known word or common phrase.

Even if the computer starts with "correct" it wouldn't have any hint at the next part of the password being horse.

Of course nowadays CHBS is probably a common password and part of a dictionary attack.